[openssl-users] More on cert serialnumbers

Karl Denninger karl at denninger.net
Thu Aug 17 14:49:12 UTC 2017

On 8/17/2017 09:40, Robert Moskowitz wrote:
> I have been researching serial number in cert based on Jakob's comment:
> "- Serial numbers are *exactly* 20 bytes (153 to 159 bits) both as
> standalone
>  numbers and as DER-encoded numbers.  Note that this is not the
> default in
>  the openssl ca program.
> - Serial numbers contain cryptographically strong random bits,
> currently at
>  least 64 random bits, though it is best if the entire serial number
> looks
>  random from the outside.  This is not implemented by the openssl ca
> program."
> And this is supposedly from the CA/B BF?
> Though Erwann responded:
> "There’s no such requirement. It MUST be at most 20 octets long"
> I see how for all certs other than the root (get to that later), I can
> control this with:
> openssl rand -hex 20 > serial
> then use 'openssl ca ...'
> But from Kyle's comment, the first bit must be ZERO.
So since the 20 octets is a maximum and not a requirement use -hex 19
instead, and if this results in DER placing a leading 0x00 byte you're
still ok.  This also complies with the ballot that Rich mentioned since
you have more entropy than required.

At least I think that meets the requirements....

Karl Denninger
karl at denninger.net <mailto:karl at denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170817/6eca37a5/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2993 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170817/6eca37a5/attachment-0001.bin>

More information about the openssl-users mailing list